London Daily

Focus on the big picture.
Thursday, Jul 24, 2025

Russia, China Hackers Boost Election Attacks, Microsoft Says

Russia, China Hackers Boost Election Attacks, Microsoft Says

Russian, Chinese and Iranian hackers have stepped up efforts to disrupt the U.S. election by targeting the campaigns of President Donald Trump and Democratic nominee Joe Biden, a Microsoft Corp. investigation found.

Cyber-attacks have also been aimed at political parties, advocacy groups, academics and leaders in the international affairs community, according to a blog post Thursday from Tom Burt, corporate vice president of customer security and trust at Microsoft.

SKDKnickerbocker, a public affairs and political consulting firm working with Biden’s campaign, was also recently targeted in an unsuccessful hack by suspected Russian state-backed hackers, according to a Thursday report by Reuters, which said that Microsoft had alerted the firm.

The attempted hack on SKDKnickerbocker reflects a broader trend documented by Microsoft: that a Russia-based group had attacked “political campaigns, advocacy groups, parties and political consultants.”

Attempts by foreign adversaries to disrupt the Nov. 3 presidential election echo the efforts by Russia in 2016 to meddle in the campaign on Trump’s behalf. The president is trailing Biden in the 2020 race by more than 7 percentage points in a national average of polls.

The findings emerged hours after the U.S. sanctioned Andrii Derkach, a Ukrainian lawmaker who met with Trump’s personal lawyer last year, alleging he’s a Russian agent trying to influence the 2020 election.

Microsoft’s report also came a day after a Homeland Security Department official alleged that Trump administration appointees suppressed intelligence on Russian election interference while promoting China as the prime threat.

Microsoft reported that about 200 organizations directly or indirectly tied to the U.S. election and political organizations in Europe were affected by a Russian-operated group, called Strontium, including U.S.-based consultants serving Republicans and Democrats.

The same group was also identified in the report by Special Counsel Robert Mueller as being responsible for the attacks on the Democratic presidential campaign in 2016, according to Microsoft. Strontium is also known as APT28, or Fancy Bear.

Microsoft also reported unsuccessful cyber-attacks from Iran on people associated with the Trump campaign, and attempted attacks from China on people associated with the Biden campaign, as well as a “prominent” individual formerly associated with the Trump administration. The people who were targeted weren’t named.

The Chinese group, referred to as Zirconium, has mounted thousands of attacks from March through September on campaign officials as well as prominent academics and others in international affairs.

Of those attempts, about 150 were successful breaches, but Microsoft didn’t identify the victims other than to say they weren’t associated with the presidential campaigns.

According to John Hultquist, who serves as the senior director of analysis at cybersecurity firm FireEye Inc.’s Mandiant, the recent Russian activity poses the greatest threat to the election.

“It’s likely Iranian and Chinese actors targeted US campaigns to quietly collect intelligence, but APT28’s unique history raises the prospect of follow-on information operations or other devastating activity,” he said.

Microsoft’s findings echo those of U.S. government officials.

”Our adversaries are continuously looking for vulnerable U.S. networks to exploit, and networks associated with political organizations and campaigns are no exception,” the Federal Bureau of Investigation said in a statement on Thursday.

In August, William Evanina, head of the National Counterintelligence and Security Center, said Russia, China and Iran are trying to “use covert and overt influence measures in their attempts to sway U.S. voters’ preferences and perspectives, shift U.S. policies, increase discord in the United States, and undermine the American people’s confidence in our democratic process.”

And on Wednesday, Chad Wolf, acting secretary of the Department of Homeland Security, said “the governments of China, Iran and Russia target our election systems, each with its own separate and nefarious motives and tactics.”


‘Stepped Up’


The recent attacks reveal that “foreign activity groups have stepped up their efforts targeting the 2020 election,” according to Microsoft. “What we’ve seen is consistent with previous attack patterns that not only target candidates and campaign staffers but also those who they consult on key issues.”

The majority of attacks were detected and stopped by security tools built into Microsoft’s software, Burt said.

Foreign groups used tactics including rotating IP addresses to disguise attacks, web bugs planted in purchased domain names and phishing, in an effort to harvest log-in credentials and gain information on targeted individuals and organizations.

Phishing attacks can be for routine espionage against campaigns or, in some cases, to conduct hack and leak operations -- a key feature in Russia’s campaign to help Trump and hurt Hillary Clinton in 2016.

Disinformation experts are on high alert for strategic leaks of real or fabricated documents in the weeks ahead of election day, as a foreign influence tactic that could significantly harm a candidate’s chances, particularly if there isn’t enough time for them to adequately respond.

“We disclose attacks like these because we believe it’s important the world knows about threats to democratic processes,” Burt said. He also said more federal funding is needed in the U.S. so states can better protect their election infrastructure.

The Office of the Director of National Intelligence said in a statement Thursday that the “private sector plays a crucial role” in safeguarding elections and national security.

“We welcome their assistance and will continue partnering with them to combat foreign efforts to target political candidates, campaigns and others involved in the U.S. elections,” according to the statement.

Newsletter

Related Articles

0:00
0:00
Close
TSUNAMI: Trump Just Crossed the Rubicon—And There’s No Turning Back
Over 120 Criminal Cases Dismissed in Boston Amid Public Defender Shortage
UN's Top Court Declares Environmental Protection a Legal Obligation Under International Law
"Crazy Thing": OpenAI's Sam Altman Warns Of AI Voice Fraud Crisis In Banking
The Podcaster Who Accidentally Revealed He Earns Over $10 Million a Year
Trump Announces $550 Billion Japanese Investment and New Trade Agreements with Indonesia and the Philippines
US Treasury Secretary Calls for Institutional Review of Federal Reserve Amid AI‑Driven Growth Expectations
UK Government Considers Dropping Demand for Apple Encryption Backdoor
Severe Flooding in South Korea Claims Lives Amid Ongoing Rescue Operations
Japanese Man Discovers Family Connection Through DNA Testing After Decades of Separation
Russia Signals Openness to Ukraine Peace Talks Amid Escalating Drone Warfare
Switzerland Implements Ban on Mammography Screening
Japanese Prime Minister Vows to Stay After Coalition Loses Upper House Majority
Pogacar Extends Dominance with Stage Fifteen Triumph at Tour de France
CEO Resigns Amid Controversy Over Relationship with HR Executive
Man Dies After Being Pulled Into MRI Machine Due to Metal Chain in New York Clinic
NVIDIA Achieves $4 Trillion Valuation Amid AI Demand
US Revokes Visas of Brazilian Corrupted Judges Amid Fake Bolsonaro Investigation
U.S. Congress Approves Rescissions Act Cutting Federal Funding for NPR and PBS
North Korea Restricts Foreign Tourist Access to New Seaside Resort
Brazil's Supreme Court Imposes Radical Restrictions on Former President Bolsonaro
Centrist Criticism of von der Leyen Resurfaces as she Survives EU Confidence Vote
Judge Criticizes DOJ Over Secrecy in Dropping Charges Against Gang Leader
Apple Closes $16.5 Billion Tax Dispute With Ireland
Von der Leyen Faces Setback Over €2 Trillion EU Budget Proposal
UK and Germany Collaborate on Global Military Equipment Sales
Trump Plans Over 10% Tariffs on African and Caribbean Nations
Flying Taxi CEO Reclaims Billionaire Status After Stock Surge
Epstein Files Deepen Republican Party Divide
Zuckerberg Faces $8 Billion Privacy Lawsuit From Meta Shareholders
FIFA Pressured to Rethink World Cup Calendar Due to Climate Change
SpaceX Nears $400 Billion Valuation With New Share Sale
Microsoft, US Lab to Use AI for Faster Nuclear Plant Licensing
Trump Walks Back Talk of Firing Fed Chair Jerome Powell
Zelensky Reshuffles Cabinet to Win Support at Home and in Washington
"Can You Hit Moscow?" Trump Asked Zelensky To Make Putin "Feel The Pain"
Irish Tech Worker Detained 100 days by US Authorities for Overstaying Visa
Dimon Warns on Fed Independence as Trump Administration Eyes Powell’s Succession
Church of England Removes 1991 Sexuality Guidelines from Clergy Selection
Superman Franchise Achieves Success with Latest Release
Hungary's Viktor Orban Rejects Agreements on Illegal Migration
Jeff Bezos Considers Purchasing Condé Nast as a Wedding Gift
Ghislaine Maxwell Says She’s Ready to Testify Before Congress on Epstein’s Criminal Empire
Bal des Pompiers: A Celebration of Community and Firefighter Culture in France
FBI Chief Kash Patel Denies Resignation Speculations Amid Epstein List Controversy
Air India Pilot’s Mental Health Records Under Scrutiny
Google Secures Windsurf AI Coding Team in $2.4 Billion Licence Deal
Jamie Dimon Warns Europe Is Losing Global Competitiveness and Flags Market Complacency
South African Police Minister Suspended Amid Organised Crime Allegations
Nvidia CEO Claims Chinese Military Reluctance to Use US AI Technology
×